Quality and Information Security Policy
Our policy at Talanos Cybersecurity is to maintain a quality and information security system designed to meet the requirements of ISO 9001:2015 & ISO 27001:2022 in pursuit of our primary objectives, our purpose, and the context of our organisation. Specifically, and as enshrined in both our mission and values, to safeguard organisations against growing cyber threats, helping them to: Protect their valuable assets, maintain trust and achieve their own purpose in an increasingly digital world.
Our policy is to be open and transparent concerning quality and information security to interested parties and to maintain a robust information security posture. We do not believe these are mutually exclusive. Interested parties include clients, suppliers and employees and our QISP can be documented in contracts, purchase orders and specifications etc upon request.
It is the policy of Talanos Cybersecurity to:
- Satisfy or exceed, whenever possible, the requirements and expectations of all of our clients, stakeholders, and other interested parties.
- Comply with all legal requirements, codes of practice and all other requirements which are applicable to our activities.
- Reduce hazards and prevent injury, ill health, and pollution.
- Protect the environment, including the prevention of pollution, sustainable resource use, climate change mitigation and adaptation, the protection of biodiversity and ecosystems.
- Provide all the resources and equipment needed to maintain these systems. Including well trained and competent staff and any other requirements necessary to enable these objectives to be met.
- Adopt a process driven approach to the way we work and view our business. Our business is a system of interconnected processes which combine to deliver objectives with minimum impact on the environment.
- Ensure that all employees are made aware of their individual obligations in respect of this quality and information security policy.
- Maintain management systems that will achieve these objectives and continually monitor and improve the effectiveness and performance of these systems using a risk-based methodology.
This policy provides a framework for setting, monitoring, reviewing and achieving our objectives, programmes and targets. Client service is an essential part of the quality process and we set the very highest standards. All employees receive training to ensure they are aware of and understand the quality and information security systems, and its impact on client service.
We work tirelessly to enhance our systems. Our business and risk management systems are regularly reviewed by our board to ensure they remain appropriate and suitable. Our Quality and Information Security policies are subject to both regular internal and external audits.
Scope of the Policy for ISO 9001:2015 and ISO 27001:2022
The scope of this policy relates to the provision of managed cyber security services to commercial clients Worldwide, the provision of excellent employee experience and where appropriate to external risk sources including functions which are outsourced.
Approval on behalf of the board
5 February 2024